I can see the DefaultMongoConnectionFactoryProvider hard codes the old
mongocr security:
MongoCredential credential = MongoCredential.createMongoCRCredential(user,
dbName, password.toCharArray());
client = new MongoClient(new ServerAddress(host, port),
Collections.singletonList(credential),
clientOptions);
} else {
client = new MongoClient(new ServerAddress(host, port), clientOptions);
} It should be using:
MongoCredential credential = MongoCredential.createScramSha1Credential(
System.getProperty("mongouser"),
System.getProperty("mongodatabase"),
System.getProperty("mongopassword").toCharArray());
On Tue, Jan 26, 2016 at 11:40 AM, Dean Peterson <peterson.dean(a)gmail.com>
wrote:
Does keycloak v1.3.1 support mongodb 3.0 and it's new default
scram-sha
security? If not, do later versions support it?